[Owasp-atlanta] Atlanta OWASP April Meeting is Today!
Burke, Charles
Charles_Burke at HomeDepot.com
Wed Apr 26 15:01:56 EDT 2006
Secure Code Reviews
Wednesday April 26th 6:30pm - 8:30pm
Suntrust
250 Piedmont Ave
Atlanta, GA 30338
Speaker: Dean Saxe, CEH and Foundstone Senior Consultant
Do you use commercial automated code review tools to improve the
security of your applications? Do you know what bugs the tools are able
to find consistently? More importantly, do you know what vulnerabilities
the tools will never find? Or, do you prefer the manual approach to code
reviews, looking at every line of code to ensure that no bugs or flaws
exist?
The automated approach is relatively fast and prone to false positives
and false negatives . The manual approach is slow, tedious and requires
developers comfortable with reviewing large code bases and a solid
background in software security in order to be effective.
We will look at the code review process implemented by Foundstone for
use with our clients and how you can implement a secure code review
process in your own organization. Learn how a threat model, industry and
corporate standards, policies and legal requirements drive secure code
reviews. Discover the difference between security bugs and flaws and how
implementation of the Application Security Frame can help your
organization provide a classification scheme for vulnerabilities that
can be used to ensure the completeness of your reviews. Learn how a
combination of automated tools, both commercial and home-grown, and
manual reviews results in a superior secure code review process.
Directions:
"To those who are planning on attending the meeting this Wednesday at
Suntrust, here are some directions. You can enter the building on
Piedmont Ave, through the glass doors. Take the elevator up to the
lobby level and check in at the guard station there. You can also come
in to the building throughc the Hilton. If you come in through the
Hilton, you will enter right beside the guard desk. I'll meet you guys
at the desk and will help get everyone to the meeting room. If anyone
has any problems, they can reach me on my cell at 404-274-2649. Also,
if everyone could let me know as soon as possible if they'll be coming
so I can arrange the appropriate sized room for us. Thanks." Dallas
Jordan, CISSP
Send RSVP email to cburkeinga at hotmail.com
Register to OWASP Atlanta mailing list at:
http://lists.sourceforge.net/lists/listinfo/owasp-atlanta/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-atlanta/attachments/20060426/e6ea4e69/attachment.html
More information about the Owasp-atlanta
mailing list